<?php
/*
 * easyrule.inc
 *
 * part of pfSense (https://www.pfsense.org)
 * Copyright (c) 2009-2013 BSD Perimeter
 * Copyright (c) 2013-2016 Electric Sheep Fencing
 * Copyright (c) 2014-2021 Rubicon Communications, LLC (Netgate)
 * Originally Sponsored By Anathematic @ pfSense Forums
 * All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/* Prefix of the per-interface block alias; the upper-cased interface name is appended to it. */
$blockaliasname = 'EasyRuleBlockHosts';

/* Protocols for which a pass rule must carry a destination port. */
$protocols_with_ports = array(
	'tcp',
	'udp'
);
require_once("functions.inc");
require_once("util.inc");
require_once("ipsec.inc");
require_once("config.inc");
/*
 * Resolve a caller-supplied interface name or description to a rule
 * interface identifier.
 *
 * The value returned is either a key of the interface list built here or
 * one of the fixed strings "openvpn", "ipsec" or "wireguard". Anything that
 * matches none of them yields false, so callers must test with === false.
 */
function easyrule_find_rule_interface($int) {
	global $config;

	/* Same approach as firewall_rules.php */
	$known = get_configured_interface_with_descr(true);

	/* Entries added only while the matching service is in server mode / enabled */
	if ($config['pppoe']['mode'] == "server") {
		$known['pppoe'] = "PPPoE Server";
	}
	if ($config['l2tp']['mode'] == "server") {
		$known['l2tp'] = "L2TP VPN";
	}
	if (ipsec_enabled()) {
		$known["enc0"] = "IPSEC";
	}

	/* An exact key match wins */
	if (isset($known[$int])) {
		return $int;
	}

	/* Otherwise compare against the descriptions, ignoring case */
	$wanted = strtolower($int);
	foreach ($known as $ifname => $descr) {
		if ($wanted == strtolower($descr)) {
			return $ifname;
		}
	}

	/* Last resort: recognise the name by its prefix and return a fixed string */
	$prefix_map = array(
		"ovpn" => "openvpn",
		"ipsec" => "ipsec",
		"wg" => "wireguard"
	);
	foreach ($prefix_map as $prefix => $mapped) {
		if (substr($int, 0, strlen($prefix)) == $prefix) {
			return $mapped;
		}
	}

	return false;
}
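/*
 * Report whether a filter rule on $int already references the Easy Rule
 * block alias for that interface and address family.
 *
 * NOTE(review): only the source alias, the interface and the IP protocol
 * are compared. The rule's type and whether it is disabled are not checked,
 * so a rule the user changed to "pass" or disabled still counts as existing,
 * and hosts added to the alias are then not blocked by it.
 *
 * Returns true when such a rule is found, false otherwise.
 */
function easyrule_block_rule_exists($int = 'wan', $ipproto = "inet") {
	global $blockaliasname, $config;

	/* No rules, so we know it doesn't exist */
	if (!isset($config['filter']['rule']) || !is_array($config['filter']['rule'])) {
		return false;
	}

	$wanted_alias = $blockaliasname . strtoupper($int);

	/* Search through the rules for one referencing our alias */
	foreach ($config['filter']['rule'] as $rule) {
		if (!is_array($rule) || !isset($rule['source']) || !is_array($rule['source'])) {
			continue;
		}
		/* A source of "any" or a network has no 'address' key; skip it
		 * instead of reading an undefined index. */
		if (!isset($rule['source']['address']) || !isset($rule['interface'])) {
			continue;
		}
		$checkproto = isset($rule['ipprotocol']) ? $rule['ipprotocol'] : "inet";
		if (($rule['source']['address'] === $wanted_alias) &&
		    ($rule['interface'] == $int) &&
		    ($checkproto == $ipproto)) {
			return true;
		}
	}
	return false;
}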
/*
 * Insert a block rule at the top of the rule list for $int whose source is
 * the Easy Rule block alias of that interface.
 *
 * Returns false when the alias does not exist yet (a rule pointing at a
 * missing alias is never created), and true when the rule already existed
 * or was added. Only the in-memory $config is changed here; nothing in this
 * function writes the configuration or reloads the filter.
 */
function easyrule_block_rule_create($int = 'wan', $ipproto = "inet") {
	global $blockaliasname, $config;

	/* Without an alias there is nothing to reference, and an empty alias
	 * cannot be created because no host is known at this point. */
	$alias_id = easyrule_block_alias_getid($int);
	if ($alias_id === false) {
		return false;
	}

	/* Nothing to do when the rule is already present */
	if (easyrule_block_rule_exists($int, $ipproto)) {
		return true;
	}

	init_config_arr(array('filter', 'rule'));
	filter_rules_sort();
	$a_filter = &$config['filter']['rule'];

	/* Assemble the new rule */
	$filterent = array(
		'type' => 'block',
		'interface' => $int,
		'ipprotocol' => $ipproto,
		'source' => array('address' => $blockaliasname . strtoupper($int)),
		'destination' => array('any' => ''),
		'descr' => gettext("Easy Rule: Blocked from Firewall Log View"),
		'created' => make_config_revision_entry(null, "Easy Rule"),
		'tracker' => (int)microtime(true)
	);

	/* Same separator handling as firewall_rules_edit.php:
	 * -1 places the rule at the top, so every separator moves down. */
	$after = -1;
	array_splice($a_filter, $after + 1, 0, array($filterent));

	/* Shift the separators of this interface by one row */
	$sep_key = strtolower($int);
	init_config_arr(array('filter', 'separator', $sep_key));
	$a_separators = &$config['filter']['separator'][$sep_key];
	$ridx = ifridx($int, $after);	/* rule index within the interface */
	$mvnrows = 1;
	move_separators($a_separators, $ridx, $mvnrows);

	return true;
}
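/*
 * Look up the index of the Easy Rule block alias for $int in
 * $config['aliases']['alias'].
 *
 * Returns the array key of the alias, or false when there is none. The key
 * can be 0, so callers must compare the result with === false.
 */
function easyrule_block_alias_getid($int = 'wan') {
	global $blockaliasname, $config;

	/* Check the list that is actually iterated: 'aliases' can exist
	 * without containing an 'alias' array. */
	if (!isset($config['aliases']['alias']) || !is_array($config['aliases']['alias'])) {
		return false;
	}

	$wanted = $blockaliasname . strtoupper($int);

	/* Hunt down an alias with the name we want, return its id */
	foreach ($config['aliases']['alias'] as $aliasid => $alias) {
		if (is_array($alias) && isset($alias['name']) && ($alias['name'] === $wanted)) {
			return $aliasid;
		}
	}

	return false;
}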
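/*
 * Add $host to the Easy Rule block alias of $int, creating the alias when
 * it does not exist yet.
 *
 * $host must be an IP address or a subnet; surrounding square brackets are
 * stripped first. Entries are stored as "address/prefix". Only the
 * in-memory $config is changed; the caller writes the configuration.
 *
 * Returns false when $host is not valid, true when the host was added or
 * was already listed.
 */
function easyrule_block_alias_add($host, $int = 'wan') {
	global $blockaliasname, $config;

	/* If the host isn't a valid IP address or subnet, bail */
	$host = trim($host, "[]");
	if (!is_ipaddr($host) && !is_subnet($host)) {
		return false;
	}

	init_config_arr(array('aliases', 'alias'));
	$a_aliases = &$config['aliases']['alias'];

	/* Try to get the ID if the alias already exists */
	$id = easyrule_block_alias_getid($int);
	$have_alias = ($id !== false) && !empty($a_aliases[$id]);

	/* Normalise the host to address + prefix length */
	if (is_subnet($host)) {
		list($host, $mask) = explode("/", $host);
	} elseif (is_specialnet($host)) {
		$mask = 0;
	} elseif (is_ipaddrv6($host)) {
		$mask = 128;
	} else {
		$mask = 32;
	}
	$entry = $host . '/' . $mask;
	$entry_detail = gettext('Entry added') . ' ' . date('r');

	$alias = array();

	if ($have_alias) {
		// Catch case when the list is empty
		if (empty($a_aliases[$id]['address'])) {
			$a_address = array();
			$a_detail = array();
		} else {
			$a_address = explode(" ", $a_aliases[$id]['address']);

			/* Make sure this IP isn't already in the list. */
			if (in_array($entry, $a_address, true)) {
				return true;
			}

			$a_detail = isset($a_aliases[$id]['detail']) ? explode("||", $a_aliases[$id]['detail']) : array();

			/* Keep one detail per address. easyrule_parse_unblock() removes
			 * the detail that shares the address's index, so a surplus or
			 * missing detail would make it delete the wrong one. */
			$a_detail = array_slice(array_pad($a_detail, count($a_address), ''), 0, count($a_address));
		}

		/* Since the alias already exists, just add to it. */
		$alias['name']    = $a_aliases[$id]['name'];
		$alias['type']    = $a_aliases[$id]['type'];
		$alias['descr']   = $a_aliases[$id]['descr'];

		$a_address[] = $entry;
		$a_detail[] = $entry_detail;

		$alias['address'] = join(" ", $a_address);
		$alias['detail']  = join("||", $a_detail);
	} else {
		/* Create a new alias with all the proper information */
		$alias['name']    = $blockaliasname . strtoupper($int);
		$alias['type']    = 'network';
		$alias['descr']   = gettext("Hosts blocked from Firewall Log view");

		$alias['address'] = $entry;
		/* No trailing "||": it would parse back as a second, empty detail
		 * and shift every detail added afterwards by one position. */
		$alias['detail']  = $entry_detail;
	}

	/* Replace the old alias if needed, otherwise tack it on the end */
	if ($have_alias) {
		$a_aliases[$id] = $alias;
	} else {
		$a_aliases[] = $alias;
	}

	// Sort list
	$a_aliases = msort($a_aliases, "name");

	return true;
}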
/*
 * Block $host on $int: add it to the block alias, make sure the block rule
 * exists, then write the configuration and reload the filter.
 *
 * Returns false when $host is not an IP address or subnet, or when the
 * alias or the rule could not be set up. When $_SERVER['DOCUMENT_ROOT'] is
 * set the function redirects to firewall_aliases.php and exits instead of
 * returning; otherwise it returns true.
 *
 * The result of filter_configure() is left in the global $retval.
 */
function easyrule_block_host_add($host, $int = 'wan', $ipproto = "inet") {
	global $retval;

	/* Reject anything that is not an IP address or subnet */
	$host = trim($host, "[]");
	$is_valid = is_ipaddr($host) || is_subnet($host);
	if (!$is_valid) {
		return false;
	}

	/* The host has to end up in the alias, otherwise give up */
	if (!easyrule_block_alias_add($host, $int)) {
		return false;
	}

	/* Create the firewall rule only when none references the alias yet.
	 * An existing rule is left alone, since the user may have modified it;
	 * adding to the alias is what matters. */
	if (!easyrule_block_rule_exists($int, $ipproto) && !easyrule_block_rule_create($int, $ipproto)) {
		return false;
	}

	/* The alias changed, so write the config and reload the filter */
	write_config(sprintf(gettext("Blocked host %s via easy rule"), $host));
	$retval = filter_configure();

	if (empty($_SERVER['DOCUMENT_ROOT'])) {
		return true;
	}

	header("Location: firewall_aliases.php");
	exit;
}
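/*
 * Append a pass rule for the given traffic, write the configuration and
 * reload the filter.
 *
 * No argument is validated here. easyrule_parse_pass() performs the checks,
 * so any other caller must validate $int, $proto, the hosts and the port
 * itself before calling.
 *
 * When $_SERVER['DOCUMENT_ROOT'] is set the function redirects to
 * firewall_rules.php for $int and exits; otherwise it returns true.
 */
function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport, $ipproto) {
	global $config;

	init_config_arr(array('filter', 'rule'));
	filter_rules_sort();
	$a_filter = &$config['filter']['rule'];

	/* Make up a new rule */
	$filterent = array();
	$filterent['type'] = 'pass';
	$filterent['interface'] = $int;
	$filterent['ipprotocol'] = $ipproto;
	$filterent['descr'] = gettext("Easy Rule: Passed from Firewall Log View");

	/* "any" means the rule carries no protocol key at all */
	if ($proto != "any") {
		$filterent['protocol'] = $proto;
	}

	/* Default to only allow echo requests, since that's what most people want and
	 *  it should be a safe choice. */
	if ($proto == "icmp") {
		$filterent['icmptype'] = 'echoreq';
	}

	/* NOTE(review): the ICMPv6 spellings are stored as protocol "icmp" with
	 * no icmptype, so unlike the IPv4 case above the rule is not limited to
	 * echo requests. Confirm this is intended. */
	if ((strtolower($proto) == "icmp6") || (strtolower($proto) == "icmpv6")) {
		$filterent['protocol'] = "icmp";
	}

	/* Work out the prefix length of the source */
	if (is_subnet($srchost)) {
		list($srchost, $srcmask) = explode("/", $srchost);
	} elseif (is_specialnet($srchost)) {
		$srcmask = 0;
	} elseif (is_ipaddrv6($srchost)) {
		$srcmask = 128;
	} else {
		$srcmask = 32;
	}

	/* ... and of the destination */
	if (is_subnet($dsthost)) {
		list($dsthost, $dstmask) = explode("/", $dsthost);
	} elseif (is_specialnet($dsthost)) {
		$dstmask = 0;
	} elseif (is_ipaddrv6($dsthost)) {
		$dstmask = 128;
	} else {
		$dstmask = 32;
	}

	pconfig_to_address($filterent['source'], $srchost, $srcmask);
	pconfig_to_address($filterent['destination'], $dsthost, $dstmask, '', $dstport, $dstport);

	$filterent['created'] = make_config_revision_entry(null, "Easy Rule");
	$filterent['tracker'] = (int)microtime(true);
	$a_filter[] = $filterent;

	write_config($filterent['descr']);
	filter_configure();

	if (!empty($_SERVER['DOCUMENT_ROOT'])) {
		/* Encode the interface so it stays a single query-string value
		 * even when a caller passes an unvalidated name. */
		header("Location: firewall_rules.php?if=" . rawurlencode($int));
		exit;
	}

	return true;
}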
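/*
 * Validate a block request and carry it out.
 *
 * $src must be an IP address or subnet (square brackets are stripped) and
 * $int must resolve through easyrule_find_rule_interface().
 *
 * Returns a translated status message. Caller-supplied values echoed in it
 * are passed through htmlspecialchars(), i.e. escaped for HTML output.
 */
function easyrule_parse_block($int, $src, $ipproto = "inet") {
	if (empty($src) || empty($int)) {
		return gettext("Tried to block but had no host IP or interface");
	}

	$src = trim($src, "[]");
	if (!is_ipaddr($src) && !is_subnet($src)) {
		return gettext("Tried to block invalid IP:") . ' ' . htmlspecialchars($src);
	}

	/* Keep the caller's value in $int: overwriting it with the lookup
	 * result would leave only false to report in the error message. */
	$real_int = easyrule_find_rule_interface($int);
	if ($real_int === false) {
		return gettext("Invalid interface for block rule:") . ' ' . htmlspecialchars($int);
	}

	if (easyrule_block_host_add($src, $real_int, $ipproto)) {
		return gettext("Host added successfully");
	}

	return gettext("Failed to create block rule, alias, or add host.");
}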
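/*
 * Remove $host from the Easy Rule block alias of $int, then write the
 * configuration and reload the filter.
 *
 * $host must be an IP address or subnet (square brackets are stripped).
 * $ipproto is accepted for symmetry with easyrule_parse_block() but is not
 * used here.
 *
 * Returns a translated status message; caller-supplied values echoed in it
 * are escaped with htmlspecialchars(). After a successful removal, when
 * $_SERVER['DOCUMENT_ROOT'] is set, the function redirects to
 * firewall_aliases.php and exits instead of returning.
 */
function easyrule_parse_unblock($int, $host, $ipproto = "inet") {
	global $blockaliasname, $config;

	if (empty($host) || empty($int)) {
		return gettext("Tried to unblock but had no host IP or interface");
	}

	$host = trim($host, "[]");
	if (!is_ipaddr($host) && !is_subnet($host)) {
		return gettext("Tried to unblock invalid IP:") . ' ' . htmlspecialchars($host);
	}

	$real_int = easyrule_find_rule_interface($int);
	if ($real_int === false) {
		return gettext("Invalid interface for block rule:") . ' ' . htmlspecialchars($int);
	}

	/* Try to get the ID - will fail if there are no rules/alias on this interface */
	$id = easyrule_block_alias_getid($real_int);
	if ($id === false || empty($config['aliases']['alias'][$id])) {
		return gettext("No block rules set on interface:") . ' ' . htmlspecialchars($int);
	}

	init_config_arr(array('aliases', 'alias', $id));

	/* Normalise the host to address + prefix length */
	if (is_subnet($host)) {
		list($host, $mask) = explode("/", $host);
	} elseif (is_specialnet($host)) {
		$mask = 0;
	} elseif (is_ipaddrv6($host)) {
		$mask = 128;
	} else {
		$mask = 32;
	}

	// Create the expected string representation
	$unblock = $host . '/' . $mask;

	$stored_address = isset($config['aliases']['alias'][$id]['address']) ? $config['aliases']['alias'][$id]['address'] : '';
	$stored_detail = isset($config['aliases']['alias'][$id]['detail']) ? $config['aliases']['alias'][$id]['detail'] : '';
	$a_address = explode(" ", $stored_address);
	$a_detail = explode("||", $stored_detail);

	$key = array_search($unblock, $a_address, true);
	if ($key === false) {
		/* Translate the fixed part only and escape the value, like the
		 * other messages in this file. */
		return gettext("Host is not on block list:") . ' ' . htmlspecialchars($host);
	}

	/* Addresses and details are parallel lists: drop the same index from both */
	unset($a_address[$key]);
	unset($a_detail[$key]);

	// Write back the result to the config array
	$config['aliases']['alias'][$id]['address'] = join(" ", $a_address);
	$config['aliases']['alias'][$id]['detail'] = join("||", $a_detail);

	// Update config
	write_config(sprintf(gettext("Unblocked host %s via easy rule"), $host));
	filter_configure();

	if (!empty($_SERVER['DOCUMENT_ROOT'])) {
		header("Location: firewall_aliases.php");
		exit;
	}

	return gettext("Host unblocked successfully");
}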
/*
 * List the entries of the Easy Rule block alias of $int, joined by $sep.
 *
 * Returns the joined entries, or a translated message when the interface
 * does not resolve or its alias is missing or empty. The interface name
 * echoed in those messages is escaped with htmlspecialchars().
 */
function easyrule_parse_getblock($int = 'wan', $sep = "\n") {
	global $blockaliasname, $config;

	$real_int = easyrule_find_rule_interface($int);
	if ($real_int === false) {
		return gettext("Invalid interface for block rule:") . ' ' . htmlspecialchars($int);
	}

	/* The lookup fails when this interface has no block alias */
	$id = easyrule_block_alias_getid($real_int);
	$has_entries = ($id !== false) && $config['aliases']['alias'][$id] && !empty($config['aliases']['alias'][$id]['address']);
	if (!$has_entries) {
		return gettext("No block rules set on interface:") . ' ' . htmlspecialchars($int);
	}

	/* Entries are stored space-separated; hand them back with the requested separator */
	$entries = explode(" ", $config['aliases']['alias'][$id]['address']);
	return implode($sep, $entries);
}
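/*
 * Validate a pass request (interface, protocol, source, destination and
 * destination port) and add the rule through easyrule_pass_rule_add().
 *
 * Square brackets around $src and $dst are stripped. A destination port is
 * required only for the protocols in $protocols_with_ports and is forced to
 * 0 for every other protocol.
 *
 * Returns a translated status message; caller-supplied values echoed in it
 * are escaped with htmlspecialchars().
 */
function easyrule_parse_pass($int, $proto, $src, $dst, $dstport = 0, $ipproto = "inet") {
	global $protocols_with_ports;

	$src = trim($src, "[]");
	$dst = trim($dst, "[]");

	if (empty($int) || empty($proto) || empty($src) || empty($dst)) {
		return gettext("Missing parameters for pass rule.");
	}

	/* Keep the caller's value in $int: overwriting it with the lookup
	 * result would leave only false to report in the error message. */
	$real_int = easyrule_find_rule_interface($int);
	if ($real_int === false) {
		return gettext("Invalid interface for pass rule:") . ' ' . htmlspecialchars($int);
	}

	/* getprotobyname() returns false for an unknown name, never -1, so a
	 * comparison with -1 rejects nothing. "any" and the ICMPv6 spellings
	 * are accepted explicitly because easyrule_pass_rule_add() handles them
	 * itself. Names missing from the system's protocol database are now
	 * rejected. */
	$handled_by_rule_add = ($proto === "any") || in_array(strtolower($proto), array("icmp6", "icmpv6"), true);
	if (!$handled_by_rule_add && (getprotobyname($proto) === false)) {
		return gettext("Invalid protocol for pass rule:") . ' ' . htmlspecialchars($proto);
	}

	if (!is_ipaddr($src) && !is_subnet($src) && !is_ipaddroralias($src) && !is_specialnet($src)) {
		return gettext("Tried to pass invalid source IP:") . ' ' . htmlspecialchars($src);
	}
	if (!is_ipaddr($dst) && !is_subnet($dst) && !is_ipaddroralias($dst) && !is_specialnet($dst)) {
		return gettext("Tried to pass invalid destination IP:") . ' ' . htmlspecialchars($dst);
	}

	if (in_array($proto, $protocols_with_ports, true)) {
		if (empty($dstport)) {
			return gettext("Missing destination port:") . ' ' . htmlspecialchars($dstport);
		}
		if (!is_port($dstport) && ($dstport != "any")) {
			return gettext("Tried to pass invalid destination port:") . ' ' . htmlspecialchars($dstport);
		}
	} else {
		/* Ports are meaningless for this protocol */
		$dstport = 0;
	}

	/* Should have valid input... */
	if (easyrule_pass_rule_add($real_int, $proto, $src, $dst, $dstport, $ipproto)) {
		return gettext("Successfully added pass rule!");
	}

	return gettext("Failed to add pass rule.");
}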
?>